I am having a trouble with Springs Security Configuration. I am sharing my code below.

My problem is I want /user* url and /admin* url should be accessed only when the user is logged in to my application, my application has major ajax calls so I want no user have access to /user* URL without logging in. But when I tried to type the URL in web browser I was not even redirected to login page, instead I am getting on the page which is typed in the URL.

3 Answers
3

Second, if you have restful calls to your secured resources, this likely happenes.Check the firebug. You'll see a 302 redirect as a response to your request. In this case, you better not use redirecting, but giving a 403 access denied response and handle it manually within your ajax framework.

Sir, thanks for your response, can you please help me with one more case that why I am getting the same login page with error in login, even if my putting the correct login credentials.
–
Ankur JainDec 23 '12 at 12:50

Have you checked your database.USER table? Is your password correct? Is it encrypted? Failure in login is caused by one of these scenarios.
–
Matin KhDec 23 '12 at 12:58

No sir, my password is not encrypted. Is it necessary to be encrypted. And I am entering the correct password and username.
–
Ankur JainDec 23 '12 at 16:30

It is not necessary to have your passwords encrypted, but it is recommended. Check your query separately. Does it load correctly?
–
Matin KhDec 24 '12 at 5:20

I was not able to login, because I was not having an ENABLED field in my USER Table and I am also not creating the ROLES Table. But I don't understand why enabled field is needed and why we need to create a seprate Role table as well in Springs Security.
–
Ankur JainDec 24 '12 at 8:41

You are absolutely right, this is working fine, but having problem that it is not allowing me to access the the page even I am putting the correct username and password.
–
Ankur JainDec 23 '12 at 11:51

And sir, one more query will this also work for ajax calls ?
–
Ankur JainDec 23 '12 at 11:51

I do not know about ajax stuff cos I always used ZK-Framework for ajax login and I do not know if it is the same in pure Spring. For now I do not see the name/pw problem. Post code for login page and db-connection would be the best.
–
Nabil A.Dec 23 '12 at 12:06